RAG Data Harvesting

Type: technique

Description: The adversary uses the AI system to query for sensitive data indexed by the RAG. Variants include searching through sensitive information in email, chat and shared documents.

Version: 0.1.0

Created At: 2025-10-01 13:13:22 -0400

Last Modified At: 2025-10-01 13:13:22 -0400

External References

--> Data from AI Services (technique): Sub-technique of
--> RAG Credential Harvesting (technique): The two techniques are similar apart from their target data and purpose.
<-- RAG Credential Harvesting (technique): The two techniques are similar apart from their target data and purpose.
<-- Microsoft Copilot Purview Audit Log Evasion and DLP Bypass (procedure): Sensitive documents are harvested without any audit log trail and while bypassing DLP.
<-- Microsoft Copilot: From Prompt Injection to Exfiltration of Personal Information (procedure): Automatically read other emails or documents without a human in the loop.

MITRE ATLAS - AML.T0085.000

AI Agents Attack Matrix

RAG Data Harvesting

External References

Related Objects

Related Frameworks